SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2394-1)

high Nessus Plugin ID 202176

Language:

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2394-1 advisory.

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

- CVE-2021-47089: kfence: fix memory leak when cat kfence objects (bsc#1220958.
- CVE-2021-47432: lib/generic-radix-tree.c: Do not overflow in peek() (bsc#1225391).
- CVE-2021-47515: seg6: fix the iif in the IPv6 socket control block (bsc#1225426).
- CVE-2021-47538: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1225448).
- CVE-2021-47539: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() (bsc#1225452).
- CVE-2021-47555: net: vlan: fix underflow for the real_dev refcnt (bsc#1225467).
- CVE-2021-47566: Fix clearing user buffer by properly using clear_user() (bsc#1225514).
- CVE-2021-47571: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (bsc#1225518).
- CVE-2021-47572: net: nexthop: fix null pointer dereference when IPv6 is not enabled (bsc#1225389).
- CVE-2022-48716: ASoC: codecs: wcd938x: fix incorrect used of portid (bsc#1226678).
- CVE-2023-24023: Bluetooth: Add more enc key size check (bsc#1218148).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52658: Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (bsc#1224719).
- CVE-2023-52667: net/mlx5e: fix a potential double-free in fs_any_create_groups (bsc#1224603).
- CVE-2023-52670: rpmsg: virtio: Free driver_override when rpmsg_remove() (bsc#1224696).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52675: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (bsc#1224504).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2023-52737: btrfs: lock the inode in shared mode before starting fiemap (bsc#1225484).
- CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225487).
- CVE-2023-52784: bonding: stop the device in bond_setup_by_slave() (bsc#1224946).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2023-52835: perf/core: Bail out early if the request AUX area is out of bound (bsc#1225602).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2023-52869: pstore/platform: Add check for kstrdup (bsc#1225050).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2023-52882: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (bsc#1225692).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-26644: btrfs: do not abort filesystem when attempting to snapshot deleted subvolume (bsc#1221282, bsc#1222072).
- CVE-2024-26720: mm: Avoid overflows in dirty throttling logic (bsc#1222364).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26973: fat: fix uninitialized field in nostale filehandles (bsc#1223641).
- CVE-2024-27432: net: ethernet: mtk_eth_soc: fix PPE hanging issue (bsc#1224716).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-35789: Check fast rx for non-4addr sta VLAN changes (bsc#1224749).
- CVE-2024-35790: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (bsc#1224712).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2024-35835: net/mlx5e: fix a double-free in arfs_create_groups (bsc#1224605).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1224703).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35958: net: ena: Fix incorrect descriptor free behavior (bsc#1224677).
- CVE-2024-35960: net/mlx5: Properly link new fs rules into the tree (bsc#1224588).
- CVE-2024-35997: Remove I2C_HID_READ_PENDING flag to prevent lock-up (bsc#1224552).
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36020: i40e: fix vf may be used uninitialized in this function warning (bsc#1225698).
- CVE-2024-36021: net: hns3: fix kernel crash when devlink reload during pf initialization (bsc#1225699).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-36890: mm/slab: make __free(kfree) accept error pointers (bsc#1225714).
- CVE-2024-36894: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (bsc#1225749).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2024-36940: pinctrl: core: delete incorrect free in pinctrl_enable() (bsc#1225840).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36949: amd/amdkfd: sync all devices to wait all processes being evicted (bsc#1225872)
- CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1225866).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-38541: of: module: add buffer overflow check in of_modalias() (bsc#1226587).
- CVE-2024-38545: RDMA/hns: Fix UAF for cq async event (bsc#1226595).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-38578: ecryptfs: Fix buffer size for tag 66 packet (bsc#1226634).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38780: dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (bsc#1226886).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
- CVE-2024-39469: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (bsc#1226992).

The following non-security bugs were fixed:

- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
- ACPICA: Revert 'ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.' (git-fixes).
- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (stable-fixes).
- ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (stable-fixes).
- ASoC: rt715-sdca: volume step modification (stable-fixes).
- ASoC: rt715: add vendor clear control register (stable-fixes).
- Add remote for nfs maintainer
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
- Fix new build warnings regarding unused variables: Changed build warnings: ***** 2 warnings ***** * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_queue_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_queue_cap_unlink_work': ../fs/ceph/mds_client.c:2421:22: warning: unused variable 'cl' [-Wunused-variable] * unused-variable (cl) in ../fs/ceph/mds_client.c in ceph_cap_unlink_work ../fs/ceph/mds_client.c: In function 'ceph_cap_unlink_work': ../fs/ceph/mds_client.c:2436:22: warning:
unused variable 'cl' [-Wunused-variable]
- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
- RDMA/hns: Fix incorrect sge nums calculation (git-fixes)
- RDMA/irdma: Drop unused kernel push code (git-fixes)
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- Revert 'Add remote for nfs maintainer'
- Revert 'build initrd without systemd' (bsc#1195775)'
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
- X.509: Fix the parser of extended key usage for length (bsc#1218820).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8690).
- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8690).
- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8690).
- arm64: mm: do not acquire mutex when rewriting swapper (jsc#PED-8690).
- ata: ahci: Clean up sysfs file on error (git-fixes).
- ata: libata-core: Fix double free on error (git-fixes).
- ata: libata-core: Fix null pointer dereference on error (git-fixes).
- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
- bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener (git-fixes).
- btrfs: avoid copying BTRFS_ROOT_SUBVOL_DEAD flag to snapshot of subvolume being deleted (bsc#1221282).
- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
- ceph: always check dir caps asynchronously (bsc#1226022).
- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
- ceph: break the check delayed cap loop every 5s (bsc#1226022).
- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- cifs: fix hang in wait_for_response() (bsc#1220812, bsc#1220368).
- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
- drm/amd/display: drop unnecessary NULL checks in debugfs (stable-fixes).
- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
- drm/amdgpu: Update BO eviction priorities (stable-fixes).
- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
- drm/amdkfd: Rework kfd_locked handling (bsc#1225872)
- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
- drm/komeda: check for error-valued pointer (git-fixes).
- drm/lima: add mask irq callback to gp and pp (stable-fixes).
- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: Return IRQ_NONE for unhandled interrupts (stable-fixes).
- drm/msm: Enable clamp_to_idle for 7c3 (stable-fixes).
- drm/panel-samsung-atna33xc20: Use ktime_get_boottime for delays (stable-fixes).
- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
- gpio: davinci: Validate the obtained number of IRQs (git-fixes).
- gpio: tqmx86: fix typo in Kconfig label (git-fixes).
- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: ocores: set IACK bit after core is enabled (git-fixes).
- i2c: testunit: discard write requests while old command is running (git-fixes).
- i2c: testunit: do not erase registers after STOP (git-fixes).
- iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
- iio: adc: ad7266: Fix variable checking bug (git-fixes).
- iio: adc: ad9467: fix scan type sign (git-fixes).
- iio: chemical: bme680: Fix calibration data variable (git-fixes).
- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
- iio: chemical: bme680: Fix pressure value output (git-fixes).
- iio: chemical: bme680: Fix sensor data read operation (git-fixes).
- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu: Return right value in iommu_sva_bind_device() (git-fixes).
- iommu: mtk: fix module autoloading (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
- kbuild: do not include include/config/auto.conf from shell scripts (bsc#1227274).
- kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
- kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
- kernel-doc: fix struct_group_tagged() parsing (git-fixes).
- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (git-fixes).
- media: flexcop-usb: clean up endpoint sanity checks (stable-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: ipu3-cio2: Use temporary storage for struct device pointer (stable-fixes).
- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
- media: mxl5xx: Move xpt structures off stack (stable-fixes).
- media: radio-shark2: Avoid led_names truncations (git-fixes).
- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
- mei: me: release irq in mei_me_pci_resume error path (git-fixes).
- mkspec-dtb: add toplevel symlinks also on arm
- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
- mmc: core: Do not force a retune before RPMB switch (stable-fixes).
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
- mmc: sdhci: Do not invert write-protect twice (git-fixes).
- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Drop lookup for deprecated ti,otap-del-sel (stable-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
- net/mlx5e: Fix a race in command alloc flow (git-fixes).
- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
- net: ena: Fix redundant device NUMA node override (jsc#PED-8690).
- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
- net: usb: ax88179_178a: improve link status logs (git-fixes).
- net: usb: ax88179_178a: improve reset check (git-fixes).
- net: usb: qmi_wwan: add Telit FN920C04 compositions (stable-fixes).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nilfs2: fix potential hang in nilfs_detach_log_writer() (stable-fixes).
- nvme: find numa distance only if controller has valid numa id (git-fixes).
- nvmet-passthru: propagate status from id override functions (git-fixes).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
- random: treat bootloader trust toggle the same way as cpu trust toggle (bsc#1226953).
- regulator: bd71815: fix ramp values (git-fixes).
- regulator: core: Fix modpost error 'regulator_get_regmap' undefined (git-fixes).
- regulator: irq_helpers: duplicate IRQ name (stable-fixes).
- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
- rpm/mkspec-dtb: dtbs have moved to vendor sub-directories in 6.5 By commit 724ba6751532 ('ARM: dts: Move .dts files to vendor sub-directories'). So switch to them.
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
- scsi: sd: Update DIX config every time sd_revalidate_disk() is called (bsc#1218570).
- smb: client: ensure to try all targets when finding nested links (bsc#1224020).
- smb: client: guarantee refcounted children from parent session (bsc#1224679).
- soundwire: cadence: fix invalid PDI offset (stable-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
- tty: mcf: MCF54418 has 10 UARTS (git-fixes).
- usb-storage: alauda: Check whether the media is initialized (git-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
- usb: fotg210-hcd: delete an incorrect bounds test (git-fixes).
- usb: gadget: printer: fix races against disable (git-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
- usb: typec: ucsi: Never send a lone connector change ack (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper (git-fixes).
- usb: xhci: address off-by-one in xhci_num_trbs_free() (git-fixes).
- usb: xhci: improve debug message in xhci_ring_expansion_needed() (git-fixes).
- watchdog: bd9576: Drop 'always-running' property (git-fixes).
- watchdog: bd9576_wdt: switch to using devm_fwnode_gpiod_get() (stable-fixes).
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
- x86/mce: Dynamically size space for machine check records (bsc#1222241).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- xfs: make sure sb_fdblocks is non-negative (bsc#1225419).
- xhci: Fix failure to detect ring expansion need (git-fixes).
- xhci: Fix transfer ring expansion size calculation (git-fixes).
- xhci: Handle TD clearing for multiple streams case (git-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: Stop unnecessary tracking of free trbs in a ring (git-fixes).
- xhci: fix matching completion events with TDs (git-fixes).
- xhci: remove unused stream_id parameter from xhci_handle_halted_endpoint() (git-fixes).
- xhci: restre deleted trb fields for tracing (git-fixes).
- xhci: retry Stop Endpoint on buggy NEC controllers (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
- xhci: update event ring dequeue pointer position to controller correctly (git-fixes).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

Plugin Details

Severity: High

ID: 202176

File Name: suse_SU-2024-2394-1.nasl

Version: 1.1

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 7/11/2024

Updated: 7/11/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2024-36971

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-livepatch-5_14_21-150500_13_61-rt, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/10/2024

Vulnerability Publication Date: 11/14/2023

Reference Information

CVE: CVE-2021-4439, CVE-2021-47089, CVE-2021-47432, CVE-2021-47515, CVE-2021-47534, CVE-2021-47538, CVE-2021-47539, CVE-2021-47555, CVE-2021-47566, CVE-2021-47571, CVE-2021-47572, CVE-2021-47576, CVE-2021-47577, CVE-2021-47578, CVE-2021-47580, CVE-2021-47582, CVE-2021-47583, CVE-2021-47584, CVE-2021-47585, CVE-2021-47586, CVE-2021-47587, CVE-2021-47589, CVE-2021-47592, CVE-2021-47595, CVE-2021-47596, CVE-2021-47597, CVE-2021-47600, CVE-2021-47601, CVE-2021-47602, CVE-2021-47603, CVE-2021-47604, CVE-2021-47605, CVE-2021-47607, CVE-2021-47608, CVE-2021-47609, CVE-2021-47610, CVE-2021-47611, CVE-2021-47612, CVE-2021-47614, CVE-2021-47615, CVE-2021-47616, CVE-2021-47617, CVE-2021-47618, CVE-2021-47619, CVE-2021-47620, CVE-2022-48711, CVE-2022-48712, CVE-2022-48713, CVE-2022-48714, CVE-2022-48715, CVE-2022-48716, CVE-2022-48717, CVE-2022-48718, CVE-2022-48720, CVE-2022-48721, CVE-2022-48722, CVE-2022-48723, CVE-2022-48724, CVE-2022-48725, CVE-2022-48726, CVE-2022-48727, CVE-2022-48728, CVE-2022-48729, CVE-2022-48730, CVE-2022-48732, CVE-2022-48733, CVE-2022-48734, CVE-2022-48735, CVE-2022-48736, CVE-2022-48737, CVE-2022-48738, CVE-2022-48739, CVE-2022-48740, CVE-2022-48743, CVE-2022-48744, CVE-2022-48745, CVE-2022-48746, CVE-2022-48747, CVE-2022-48748, CVE-2022-48749, CVE-2022-48751, CVE-2022-48752, CVE-2022-48753, CVE-2022-48754, CVE-2022-48755, CVE-2022-48756, CVE-2022-48758, CVE-2022-48759, CVE-2022-48760, CVE-2022-48761, CVE-2022-48763, CVE-2022-48765, CVE-2022-48766, CVE-2022-48767, CVE-2022-48768, CVE-2022-48769, CVE-2022-48770, CVE-2022-48771, CVE-2022-48772, CVE-2023-24023, CVE-2023-52622, CVE-2023-52658, CVE-2023-52667, CVE-2023-52670, CVE-2023-52672, CVE-2023-52675, CVE-2023-52735, CVE-2023-52737, CVE-2023-52752, CVE-2023-52766, CVE-2023-52784, CVE-2023-52787, CVE-2023-52800, CVE-2023-52835, CVE-2023-52837, CVE-2023-52843, CVE-2023-52845, CVE-2023-52846, CVE-2023-52869, CVE-2023-52881, CVE-2023-52882, CVE-2023-52884, CVE-2024-26625, CVE-2024-26644, CVE-2024-26720, CVE-2024-26842, CVE-2024-26845, CVE-2024-26923, CVE-2024-26973, CVE-2024-27432, CVE-2024-33619, CVE-2024-35247, CVE-2024-35789, CVE-2024-35790, CVE-2024-35807, CVE-2024-35814, CVE-2024-35835, CVE-2024-35848, CVE-2024-35857, CVE-2024-35861, CVE-2024-35862, CVE-2024-35864, CVE-2024-35869, CVE-2024-35878, CVE-2024-35884, CVE-2024-35886, CVE-2024-35896, CVE-2024-35898, CVE-2024-35900, CVE-2024-35905, CVE-2024-35925, CVE-2024-35950, CVE-2024-35956, CVE-2024-35958, CVE-2024-35960, CVE-2024-35962, CVE-2024-35997, CVE-2024-36005, CVE-2024-36008, CVE-2024-36017, CVE-2024-36020, CVE-2024-36021, CVE-2024-36025, CVE-2024-36477, CVE-2024-36478, CVE-2024-36479, CVE-2024-36890, CVE-2024-36894, CVE-2024-36899, CVE-2024-36900, CVE-2024-36904, CVE-2024-36915, CVE-2024-36916, CVE-2024-36917, CVE-2024-36919, CVE-2024-36934, CVE-2024-36937, CVE-2024-36940, CVE-2024-36945, CVE-2024-36949, CVE-2024-36960, CVE-2024-36964, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36975, CVE-2024-36978, CVE-2024-37021, CVE-2024-37078, CVE-2024-37354, CVE-2024-38381, CVE-2024-38388, CVE-2024-38390, CVE-2024-38540, CVE-2024-38541, CVE-2024-38544, CVE-2024-38545, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38553, CVE-2024-38555, CVE-2024-38556, CVE-2024-38557, CVE-2024-38559, CVE-2024-38560, CVE-2024-38564, CVE-2024-38565, CVE-2024-38567, CVE-2024-38568, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38581, CVE-2024-38582, CVE-2024-38583, CVE-2024-38587, CVE-2024-38590, CVE-2024-38591, CVE-2024-38594, CVE-2024-38597, CVE-2024-38599, CVE-2024-38600, CVE-2024-38601, CVE-2024-38603, CVE-2024-38605, CVE-2024-38608, CVE-2024-38616, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38627, CVE-2024-38630, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38659, CVE-2024-38661, CVE-2024-38780, CVE-2024-39301, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471

SuSE: SUSE-SU-2024:2394-1

Detections

Analytics